
In late August, we learned Microsoft was planning its next Surface event for October 2nd – although the fact that it was announcing hardware was more of an assumption than an official confirmation. But today Microsoft sent out a second, formal invite to journalists, and it’s now clear the company is planning big things for its next event.
There are two main details alluding to a major announcement: For one, TNW has learned both Surface head honcho Panos Panay and Microsoft CEO Satya Nadella will be in attendance. For another, Microsoft will be livestreaming the event this time around.
Those two details may not sound like much, but they’re worth noting. While Panay is always at Surface events, Nadella is only there on occasion. Likewise, several Surface events have been low-key, press-only events with no livestream. The company didn’t have a livestream for the Surface Book 2 or Pro 6, for example. But it did have a livestream when it introduced the Surface Studio and Surface Book 2 – major new hardware categories for the company.
We understand that Microsoft will have both hardware and software to show off. We’ll likely see a new Surface Book, which is nearly 2 years old now, and perhaps a spec bump for the more recent Surface Go, Pro, and Laptop. But we also think it’s likely the company will finally reveal its long-rumored dual-screen, extra-portable Surface, codenamed Centaurus. We’ve also heard rumblings of a Surface speaker.
Centaurus is expected to run Microsoft’s sprightly Windows Lite, which is rumored to be the company’s mobile-first alternative to Windows 10. This will run universal Windows apps and come with an all-new interface (as opposed to the less remarkable and unpopular Windows 10 S).
We’ll be there October 2, so stay tuned for more. The livestream begins at 10AM that day.
Source - Pic: thenextweb, imgbb

Twitter suspended accounts of multiple Cuban politicians, including the account of the country’s leader, Raul Castro, and his daughter, as well as the account of a Cuban TV talkshow Mesa Redonda. Some of the journalists who collaborated with the programme in the past, including journalists who work for RT en Español, have also had their accounts suspended on Twitter. The mass ban/censorship followed the televised announcement about the upcoming fuel shortages due to US policies.
Twitter commented by saying that the ban was implemented according to the social media giant’s policy that prohibits using multiple accounts to amplify political messages and propaganda…
But Twitter (as well as FB, Google, etc) shouldn’t do anything about the US, UK, and Israel’s psychological operations and mass propaganda on social media because those three are the good guys, right? Even though it is openly and officially stated that they create fake “sock puppet” accounts to brainwash people on the Internet, and that they’ve been doing so for years…
Oh, well, I’m pretty sure Twitter just follows the rules of the Free Market™ while making such decisions.
Source and Links to be found at fort-russ.com - Pic: Stream.org

The U.S. Treasury signed sanctions against three hacking groups actively engaged in cyber operations meant to bring financial assets to the government of North Korea. The groups are Lazarus, Bluenoroff, and Andariel, well-known in the security industry for cyber operations aimed at cyberespionage, data theft, monetary reward, and data destruction. By signing the sanctions, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) puts a lock on all properties and financial assets owned by the three groups in the U.S. and prohibits all dealings involving these goods. In addition, "any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the entities" could become the target of sanctions. All three groups operate at the command of the Reconnaissance General Bureau (RGB), which is North Korea’s primary intelligence bureau. Lazarus Group (a.k.a. Hidden Cobra), which is the largest of the three hacking entities and considered an umbrella for the others, was created in early 2007 and is coordinated by the 110th Research Center, 3rd Bureau of the RGB; this bureau is charged with technical surveillance and is the architect of North Korea's cyber operations. Infamous incidents attributed to Lazarus Group include the attack on Sony Pictures, known as Operation Blockbuster, back in 2014 and the WannaCry ransomware global epidemic in 2017. One of the most notable heists attempted by this group was against the Bangladesh Central Bank, which stood to lose about $1 billion, were it not for two mistakes from the hackers. One of them was a typo; the other misstep was choosing a recipient that had been flagged for evading U.S. sanctions against Iran. In total, Bluenoroff (APT38) hackers managed to steal $81 million from just four transfers out of a total of 35. The third hacker group associated with the North Korean government is called Andariel.
Operating since at least 2015, the outfit is known to focus on foreign businesses, government agencies, entities in the defense industry, financial services infrastructure, and private corporations. Find this interesting and want to know more? Visit OUR FORUM.

This review was written after using Android 10 for the past two months, as well as a week of the final release, which is much the same as the previous betas. Android 10 is Google’s latest Android software version and is the version of Android that will be on the Pixel 4 when it launches. There aren’t many huge features packed in here as there would be with iOS. This isn’t a knock on Android, however; it’s because Google trickles down features to its apps via the Play Store rather than waiting for a single large annual update. With Android 10, Google will also start pushing security updates via the Play Store as well. So enough about what’s not new here, here’s what IS new here. While Android 10 has a bevy of new features, only a few of them are directly relevant or even worth mentioning to new users. The first is the new gestures system, the second is the dark theme, and the last is the new privacy system. Before that, there are a whole bunch of other interesting features Google’s advertised with Android 10. We’ve got Live Caption, a feature that’ll let your phone add captions to whatever audio is playing automatically even if there aren’t any subtitles present. It’s meant to be an accessibility feature and something that’ll improve the quality of life of Android users with hearing difficulties. Google has also announced Focus Mode, a series of features to help users improve their productivity on their phones. Aside from being highlighted on the Android 10 official release, both features have the dubious distinction of not actually being present in the final release itself, almost as if Google couldn’t be bothered to complete its work before releasing the project. And that’s an issue with Android 10 in general that I’ve noticed. Read the review on OUR FORUM.

Cobalt Dickens, a threat actor associated with the Iranian government, ran a phishing operation in July and August that targeted more than 60 universities in countries on four continents. Security researchers say that the group's hacking activity affected at least 380 universities in more than 30 countries, many of the targets being hit multiple times. The latest phishing campaign was directed at organizations in Australia, Hong Kong, the U.S., Canada, the U.K., and Switzerland. It used at least 20 new domain names registered using the Freenom service that offers free top-level domain names (.ml, .ga, .cf, .gq, .tk). A fraudulent email that Cobalt Dickens sent to people with access to the library of the targeted university prompted the recipient to reactivate the account by following a spoofed link. Using a spoofed link is a change in the modus operandi, as previous campaigns from the group relied on shortened URLs to direct to the fake login page. Following the fake link leads "to a web page that looks identical or similar to the spoofed library resource," say researchers from Secureworks' Counter Threat Unit (CTU). Once the credentials are provided, they are stored in a file named 'pass.txt' and the browser loads the genuine university website. To allay suspicions of fraudulent activity, the threat actor often uses valid TLS certificates for its websites. Most of the certificates observed in this campaign are free, issued by the Let's Encrypt non-profit certificate authority. Also known as Silent Librarian, the group focuses on compromising educational institutions, although its victims include private sector companies, too. Its purpose seems to be stealing library account credentials and selling academic resources as well as access to them to customers in Iran. Nine individuals believed to have roles in the group's activity were indicted by the US Department of Justice in March 2018 for cyber intrusion activities.
It is believed that they were partners or hackers-for-hire for a company called Mabna Institute that has carried out hacking operations since at least 2013. You can find the complete posting on OUR FORUM.

Attackers can use genuine binaries from Microsoft Teams to execute a malicious payload using a mock installation folder for the collaboration software. The problem affects most Windows desktop apps that use the Squirrel installation and update framework, which uses NuGet packages. A list of impacted products, as tested by the security researcher who made the discovery, includes WhatsApp, Grammarly, GitHub, Slack, and Discord. Reverse engineer Reegun Richard found that he could create a fake Microsoft Teams package and use a signed binary to execute anything present in a specific location. One notable aspect of the experiment is that no resources are required on the target system other than the minimum package created by the attacker. The researcher found that the genuine 'Update.exe' file and two folders, 'current' and 'packages', all part of a normal Microsoft Teams installation, are sufficient to launch malware on the system that inherits the trust of the signed executable, allowing the defeat of some defense mechanisms. It appears that the 'Update' executable blindly deploys anything that is present in the 'current' folder. The 'packages' location needs to have a 'RELEASES' file, although it does not have to be valid. "It just needs the format 'SHA1 filename size'." Microsoft is aware of the problem but decided not to address it. The researcher says that the reason the company gave him was that the glitch "did not meet the bar of security issue." The researcher explains that not all NuGet packages are vulnerable but all apps relying on the Squirrel one-click installer are. More details can be found on OUR FORUM.
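Since the article notes that the 'RELEASES' file in a mock folder does not have to be valid, a defender can triage Squirrel-style folders by checking each 'SHA1 filename size' entry against the files actually present in 'packages'. The following is an added example, not code from Squirrel, Microsoft, or the researcher; the function names and the sample folder are constructed, and it assumes the plain three-field entry format quoted above.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# One RELEASES entry in the form the article quotes: "SHA1 filename size".
ENTRY = re.compile(r"^([0-9a-fA-F]{40})\s+(\S+)\s+(\d+)$")

def audit_squirrel_folder(root):
    """Return findings for a Squirrel app folder; an empty list means consistent."""
    packages = Path(root) / "packages"
    releases = packages / "RELEASES"
    if not releases.is_file():
        return ["packages/RELEASES is missing"]
    findings = []
    # utf-8-sig drops a leading byte-order mark if the file has one.
    for line in releases.read_text(encoding="utf-8-sig").splitlines():
        line = line.strip()
        if not line:
            continue
        m = ENTRY.match(line)
        if m is None:
            findings.append(f"malformed entry: {line!r}")
            continue
        sha1, name, size = m.group(1).lower(), m.group(2), int(m.group(3))
        pkg = packages / Path(name).name  # never follow a path out of packages/
        if not pkg.is_file():
            findings.append(f"{name}: listed but not present")
            continue
        data = pkg.read_bytes()
        if len(data) != size:
            findings.append(f"{name}: size {len(data)} != listed {size}")
        if hashlib.sha1(data).hexdigest() != sha1:
            findings.append(f"{name}: SHA1 does not match listed value")
    return findings

def build_sample(root, consistent):
    """Create a constructed sample folder (not a real Teams install)."""
    packages = Path(root) / "packages"
    packages.mkdir(parents=True)
    (Path(root) / "current").mkdir()
    data = b"constructed package bytes"
    (packages / "sample-1.0.0-full.nupkg").write_bytes(data)
    digest = hashlib.sha1(data).hexdigest() if consistent else "0" * 40
    (packages / "RELEASES").write_text(f"{digest} sample-1.0.0-full.nupkg {len(data)}\n")

if __name__ == "__main__":
    for ok in (True, False):
        with tempfile.TemporaryDirectory() as tmp:
            build_sample(tmp, ok)
            print(ok, audit_squirrel_folder(tmp))
```

A finding is a triage signal rather than proof of abuse: it is most useful when paired with the folder's location, since a copy of 'Update.exe' with 'current' and 'packages' outside the application's normal install path is itself worth investigating.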

 
